401 SEC+ Exam Guaranteed A+: Comprehensive
Solutions & Explanations Chosen from Certified
Global Sources and Top Universities
A security administrator is reviewing the company's continuity plan. The plan specifies an
RTO of six hours and RPO of two days. Which of the following is the plan describing?
A. Systems should be restored within six hours and no later than two days after the
incident.
B. Systems should be restored within two days and should remain operational for at least
six hours.
C. Systems should be restored within six hours with a minimum of two days worth of data.
D. Systems should be restored within two days with a minimum of six hours worth of data. -
-correct ans- -Answer: C
Explanation:
The recovery time objective (RTO) is the maximum amount of time that a process or service
is allowed to be down and the consequences still to be considered acceptable. Beyond
this time, the break in business continuity is considered to affect the business negatively.
The RTO is agreed on during the business impact analysis (BIA) creation.
The recovery point objective (RPO) is similar to RTO, but it defines the point at which the
system needs to be restored. This could be where the system was two days before it
crashed (whip out the old backup tapes) or five minutes before it crashed (requiring
complete redundancy). As a general rule, the closer the RPO matches the item of the
crash, the more expensive it is to obtain
Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit
the downtime in the event of a disaster, but does not have the budget approval to
implement or maintain an offsite location that ensures 99.99% availability. Which of the
following would be Pete's BEST option?
A. Use hardware already at an offsite location and configure it to be quickly utilized.
,B. Move the servers and data to another part of the company's main campus from the
server room.
C. Retain data back-ups on the main campus and establish redundant servers in a virtual
environment.
D. Move the data back-ups to the offsite location, but retain the hardware on the main
campus for redundancy. - -correct ans- -Answer: A
Explanation:
A warm site provides some of the capabilities of a hot site, but it requires the customer to
do more work to become operational. Warm sites provide computer systems and
compatible media capabilities. If a warm site is used, administrators and other staff will
need to install and configure systems to resume operations. For most organizations, a
warm site could be a remote office, a leased facility, or another organization with which
yours has a reciprocal agreement.
Warm sites may be for your exclusive use, but they don't have to be. A warm site requires
more advanced planning, testing, and access to media for system recovery. Warm sites
represent acompromise between a hot site, which is very expensive, and a cold site, which
isn't preconfigured.
After an assessment, auditors recommended that an application hosting company should
contract with additional data providers for redundant high speed Internet connections.
Which of the following is MOST likely the reason for this recommendation? (Select TWO).
A. To allow load balancing for cloud support
B. To allow for business continuity if one provider goes out of business
C. To eliminate a single point of failure
D. To allow for a hot site in case of disaster
E. To improve intranet communication speeds - -correct ans- -Answer: B,C
Explanation:
, A high-speed internet connection to a second data provider could be used to keep an up-
to-date replicate of the main site. In case of problem on the first site, operation can quickly
switch to the second site. This eliminates the single point of failure and allows the business
to continue uninterrupted on the second site.
Note: Recovery Time Objective
The recovery time objective (RTO) is the maximum amount of time that a process or service
is allowed to be down and the consequences still be considered acceptable. Beyond this
time, the break in business continuity is considered to affect the business negatively. The
RTO is agreed on during BIA creation.
Which of the following utilities can be used in Linux to view a list of users' failed
authentication attempts?
A. badlog
B. faillog
C. wronglog
D. killlog - -correct ans- -Answer: B
Explanation:
var/log/faillog - This Linux log fi le contains failed user logins. You'll find this log useful when
tracking attempts to crack into your system.
/var/log/apport.log This log records application crashes. Sometimes these can reveal
attempts to compromise the system or the presence of a virus or spyware
Which of the following risks could IT management be mitigating by removing an all-in-one
device?
A. Continuity of operations
B. Input validation
C. Single point of failure
D. Single sign on - -correct ans- -Answer: C
Solutions & Explanations Chosen from Certified
Global Sources and Top Universities
A security administrator is reviewing the company's continuity plan. The plan specifies an
RTO of six hours and RPO of two days. Which of the following is the plan describing?
A. Systems should be restored within six hours and no later than two days after the
incident.
B. Systems should be restored within two days and should remain operational for at least
six hours.
C. Systems should be restored within six hours with a minimum of two days worth of data.
D. Systems should be restored within two days with a minimum of six hours worth of data. -
-correct ans- -Answer: C
Explanation:
The recovery time objective (RTO) is the maximum amount of time that a process or service
is allowed to be down and the consequences still to be considered acceptable. Beyond
this time, the break in business continuity is considered to affect the business negatively.
The RTO is agreed on during the business impact analysis (BIA) creation.
The recovery point objective (RPO) is similar to RTO, but it defines the point at which the
system needs to be restored. This could be where the system was two days before it
crashed (whip out the old backup tapes) or five minutes before it crashed (requiring
complete redundancy). As a general rule, the closer the RPO matches the item of the
crash, the more expensive it is to obtain
Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit
the downtime in the event of a disaster, but does not have the budget approval to
implement or maintain an offsite location that ensures 99.99% availability. Which of the
following would be Pete's BEST option?
A. Use hardware already at an offsite location and configure it to be quickly utilized.
,B. Move the servers and data to another part of the company's main campus from the
server room.
C. Retain data back-ups on the main campus and establish redundant servers in a virtual
environment.
D. Move the data back-ups to the offsite location, but retain the hardware on the main
campus for redundancy. - -correct ans- -Answer: A
Explanation:
A warm site provides some of the capabilities of a hot site, but it requires the customer to
do more work to become operational. Warm sites provide computer systems and
compatible media capabilities. If a warm site is used, administrators and other staff will
need to install and configure systems to resume operations. For most organizations, a
warm site could be a remote office, a leased facility, or another organization with which
yours has a reciprocal agreement.
Warm sites may be for your exclusive use, but they don't have to be. A warm site requires
more advanced planning, testing, and access to media for system recovery. Warm sites
represent acompromise between a hot site, which is very expensive, and a cold site, which
isn't preconfigured.
After an assessment, auditors recommended that an application hosting company should
contract with additional data providers for redundant high speed Internet connections.
Which of the following is MOST likely the reason for this recommendation? (Select TWO).
A. To allow load balancing for cloud support
B. To allow for business continuity if one provider goes out of business
C. To eliminate a single point of failure
D. To allow for a hot site in case of disaster
E. To improve intranet communication speeds - -correct ans- -Answer: B,C
Explanation:
, A high-speed internet connection to a second data provider could be used to keep an up-
to-date replicate of the main site. In case of problem on the first site, operation can quickly
switch to the second site. This eliminates the single point of failure and allows the business
to continue uninterrupted on the second site.
Note: Recovery Time Objective
The recovery time objective (RTO) is the maximum amount of time that a process or service
is allowed to be down and the consequences still be considered acceptable. Beyond this
time, the break in business continuity is considered to affect the business negatively. The
RTO is agreed on during BIA creation.
Which of the following utilities can be used in Linux to view a list of users' failed
authentication attempts?
A. badlog
B. faillog
C. wronglog
D. killlog - -correct ans- -Answer: B
Explanation:
var/log/faillog - This Linux log fi le contains failed user logins. You'll find this log useful when
tracking attempts to crack into your system.
/var/log/apport.log This log records application crashes. Sometimes these can reveal
attempts to compromise the system or the presence of a virus or spyware
Which of the following risks could IT management be mitigating by removing an all-in-one
device?
A. Continuity of operations
B. Input validation
C. Single point of failure
D. Single sign on - -correct ans- -Answer: C
